data protection | Breaking Cybersecurity News | The Hacker News

Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing the way we live. From ordering coffee to diagnosing diseases, it’s everywhere. But while you’re creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a potential risk. The stakes are huge: data leaks, downtime, and even safety threats if security isn’t built in. With AI adoption moving fast, securing your projects is no longer optional—it’s a must. Join Liqian Lim, Senior Product Marketing Manager at Snyk, for an exclusive webinar that’s all about securing the future of AI development. Titled “ Building Tomorrow, Securely: Securing the Use of AI in App Development ,” this session will arm you with the knowledge and tools to tackle the challenges of AI-powered innovation. What You’ll Learn: Get AI-Ready: How to make your AI projects secure from the start. Spot Hidden Risks: Uncover threats you might not see coming. Understand the Ma...

Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's trying to break into a system somewhere every 39 seconds. And get this - while we're all worried about regular hackers, there are now AI systems out there that can craft phishing emails so convincingly, that even cybersecurity experts have trouble spotting them. What's even crazier? Some of the latest malware is like a digital chameleon - it literally watches how you try to catch it and changes its behavior to slip right past your defenses. Pretty mind-bending stuff, right? This week's roundup is packed with eye-opening developments that'll make you see your laptop in a whole new light. ⚡ Threat of the Week T-Mobile Spots Hackers Trying to Break In: U.S. telecom service provider T-Mobile caught some suspicious activity on their network recently - basically, someone was trying to sneak into th...

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. "These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions, which can lead to extortion, harassment, and financial loss," security researcher Fernando Ruiz said in an analysis published last week. The newly discovered apps purport to offer quick loans with minimal requirements to attract unsuspecting users in Mexico, Colombia, Senegal, Thailand, Indonesia, Vietnam, Tanzania, Peru, and Chile. The 15 predatory loan apps are listed below. Five of these apps that are still available for download from the official app store are said to have made changes to comply with Google Play policies. Préstamo Seguro-Rápido, seguro (com.prestamoseguro.ss ) P...

The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can swiftly exploit it to move laterally across systems, identifying vulnerabilities and compromising additional NHIs in minutes. While organizations often take months to detect and contain such breaches, rapid detection and response can stop an attack in its tracks. The Rise of Non-Human Identities in Cybersecurity By 2025, non-human identities will rise to be the primary attack vector in cybersecurity. As businesses increasingly automate processes and adopt AI and IoT technologies, the number of NHIs grows exponentially. While these systems drive efficiency, they also create an expanded attack surface for cybercriminals. NHIs differ fundamentally from human users, making traditional security tools like multi-factor authentication and user behavior...

Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular video-sharing platform broke GDPR rules when a third-party partner misconfigured a TikTok pixel on one of its regional sites. An intriguing new case study reveals how the cyber security company that discovered the problem stopped a data breach from becoming a costly flood.  For the full case study, click here .  Dangers Close to Home Cyberattacks often make the headlines because hacking is a natural attention-grabber. The groups behind the attacks seem like modern-day highwaymen, shadowy figures who can rob countless victims from behind a mask of anonymity. Faceless criminals like these will always grab readers’ attention, and while this is understandable, we’...

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker's inner workings, allowing the researchers to discover a "specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted disks." ShrinkLocker was first documented in May 2024 by Kaspersky, which found the malware's use of Microsoft's native BitLocker utility for encrypting files as part of extortion attacks targeting Mexico, Indonesia, and Jordan. It appears to have been adapted from benign ten-year-old code. Bitdefender, which investigated a ShrinkLocker incident targeting an unnamed healthcare company in the Middle East, said the attack likely originated from a machine belonging to a contractor, once again highlighting how threat actors are increasingly abusing trusted relationships to ...

The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that needs to be protected. LayerX has released a comprehensive guide titled "Kickstarting Your Browser Security Program” This in-depth guide serves as a roadmap for CISOs and security teams looking to secure browser activities within their organization; including step-by-step instructions, frameworks, and use cases. Below, we bring its main highlights. Prioritizing Browser Security Browsers now serve as the primary interface for SaaS applications, creating new malicious opportunities for cyber adversaries. The risks include: Data leakage - Browsers can expose sensitive data by allowing empl...

Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try to breach your walls. And hackers are always searching for weaknesses, whether it’s a lax password policy or a forgotten backdoor. To build a stronger defense, you must think like a hacker and anticipate their moves. Read on to learn more about hackers' strategies to crack passwords, the vulnerabilities they exploit, and how you can reinforce your defenses to keep them at bay. Analysis of the worst passwords Weak, commonly used passwords represent the easiest targets for hackers. Every year, experts provide  lists of the most frequently used passwords , with classics like “ 123456 ” and “ password ” appearing year after year. These passwords are the low-hanging fruit of a hacker’s attack strategy. Despite years of security warnings, users still use simple, easy-to-remember passwords—often based on predictable patterns or personal details ...

Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after successful user authentication. Why companies adopt Zero Trust security Companies adopt Zero Trust security to protect against complex and increasingly sophisticated cyber threats. This addresses the limitations of traditional, perimeter-based security models, which include no east-west traffic security, the implicit trust of insiders, and lack of adequate visibility.  Traditional vs. Zero Trust security Zero Trust security upgrades an organization's security posture by offering: Improved security posture : Organizations can improve their security posture by continuously gathering data on...

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including denial-of-service (DoS) attacks, model poisoning, model theft, and more," Oligo Security researcher Avi Lumelsky said in a report published last week. Ollama is an open-source application that allows users to deploy and operate large language models (LLMs) locally on Windows, Linux, and macOS devices. Its project repository on GitHub has been forked 7,600 times to date. A brief description of the six vulnerabilities is below - CVE-2024-39719 (CVSS score: 7.5) - A vulnerability that an attacker can exploit using /api/create an endpoint to determine the existence of a file in the se...

Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage. Cybersecurity and IT professionals now face an uphill battle against these sophisticated threats. Traditional security measures are proving insufficient, leaving organizations vulnerable to data breaches, financial losses, and reputational harm. This webinar provides crucial insights and actionable strategies to help safeguard your organization against these evolving threats. Join us to hear from a renowned expert with firsthand experience in cyber defense. Ian Ahl, SVP of P0 Labs and former Head of Advanced Practices at Mandiant, brings extensive experience from responding to hundreds of breaches. He will shar...

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE , is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket, consisting of no less than 15,000 stolen credentials, has since been taken down by Amazon. "The stolen credentials belong to Cloud Service Providers (CSPs), Email providers, and other services," Sysdig said in a report. "Phishing and spam seem to be the primary goal of stealing the credentials." The multi-faceted criminal operation, while not sophisticated, has been found to leverage an arsenal of private tools to steal credentials as well as scrape Git config files, Laravel .env files, and raw web data. It has not been attributed to any known threat actor or grou...